Resumo da vaga

SRE- Security Engineer

Requisitos e responsabilidades

Conteúdo da vaga extraído em seções para revisão mais rápida.

Kubernetes & Platform Security

  • Design, implement, and maintain security controls for Kubernetes clusters and containerized workloads.
  • Establish and enforce Kubernetes security best practices, including RBAC, Network Policies, Pod Security Standards, admission controllers, and secrets management.
  • Secure container images, registries, and deployment pipelines.
  • Perform security assessments and hardening of Kubernetes environments.

GitOps & CI/CD Security

  • Implement and maintain secure GitOps workflows using Helm and ArgoCD.
  • Integrate security controls into CI/CD pipelines, including automated security scanning and policy enforcement.
  • Review deployment processes to ensure compliance with security standards.
  • Collaborate with engineering teams to embed DevSecOps practices across the software development lifecycle.

Threat Detection & Incident Response

  • Deploy, manage, and optimize security monitoring and threat detection solutions.
  • Configure and maintain runtime security monitoring using Falco.
  • Investigate security alerts, incidents, and suspicious activities within cloud-native environments.
  • Develop and maintain incident response procedures and playbooks.

Vulnerability Management

  • Manage container and infrastructure vulnerability scanning using Trivy.
  • Analyze security findings, prioritize remediation efforts, and coordinate fixes with engineering teams.
  • Track vulnerability metrics and ensure timely remediation of critical risks.

Security Monitoring & SIEM

  • Deploy, configure, and maintain Wazuh for security monitoring, log analysis, and compliance reporting.
  • Create detection rules, dashboards, and alerts to improve security visibility.
  • Correlate events from multiple sources to identify potential threats.

Application & Web Security

  • Implement and maintain Web Application Firewall (WAF) solutions.
  • Conduct application security assessments aligned with OWASP Top 10 recommendations.
  • Work with development teams to identify and remediate application security vulnerabilities.
  • Establish secure coding and deployment practices.

Governance, Risk & Compliance

  • Develop security standards, policies, and operational procedures.
  • Support security audits, compliance initiatives, and risk assessments.
  • Maintain documentation for security architecture, controls, and operational processes.

Technical Skills

  • Strong hands-on experience with Kubernetes (K8s) administration and security.
  • Experience with Helm and ArgoCD in production environments.
  • Experience implementing GitOps and securing CI/CD pipelines.
  • Expertise in Falco for runtime threat detection and monitoring.
  • Experience with Trivy for vulnerability scanning and container security.
  • Hands-on experience with Wazuh SIEM/XDR platform.
  • Strong understanding of Web Application Firewalls (WAF) and OWASP Top 10 security risks.
  • Knowledge of container security, image hardening, and Kubernetes workload protection.
  • Experience with Linux system administration and security hardening.
  • Familiarity with Infrastructure as Code and automation practices.

Security Knowledge

  • Container and Kubernetes security.
  • Cloud-native security architecture.
  • Vulnerability management and remediation processes.
  • Security monitoring, incident response, and threat hunting.
  • Identity and access management principles.
  • Secure software development lifecycle (SSDLC).

Preferred Qualifications

  • Experience working alongside SRE, Platform Engineering, or DevOps teams.
  • Security certifications such as:CKS (Certified Kubernetes Security Specialist)CKA (Certified Kubernetes Administrator)CISSPGSECSecurity+
  • CKS (Certified Kubernetes Security Specialist)
  • CKA (Certified Kubernetes Administrator)
  • CISSP
  • GSEC
  • Security+
  • Experience with cloud platforms (GCP, AWS, or Azure).
  • Experience implementing security policies using OPA/Gatekeeper or Kyverno.
  • Knowledge of SOC operations and compliance frameworks (ISO 27001, SOC2, PCI-DSS, NIST).

Details

  • CKS (Certified Kubernetes Security Specialist)
  • CKA (Certified Kubernetes Administrator)
  • CISSP
  • GSEC
  • Security+
Vagas similares

Mantenha uma lista reserva.

Ver stack
FocoSecurity EngineeringÁrea da vaga
Sinal de senioridadeSeniorNível do candidato
StackAWS, Azure, CI/CDSkills principais
Localização1 país aceitoElegibilidade

Stack

Use estas tags para comparar vagas remotas similares.

Elegibilidade de localização

Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.

Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.

Fluxo de contratação

O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.

1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.
Aplicar no site da empresaSite da empresaAbrir link